A blog to share security, networking and cloud related technology information as @vCloudernBeer picked up on his search for his destiny in the cloud. (LinkedIn: https://www.linkedin.com/in/chowanthony)

Sunday, July 26, 2015

In the month of July, groups around the world the world are celebrating
the 5 year birthday of OpenStack. They are giving out t-shirts to commemorate
this event along with birthday cakes and champagne (each group is celebrating a
little bit differently).

OpenStack started in 2010 with is first release named as
Austin.Eric Wright (@discoposse) had a nice post on
OpenStack Kilo release and have a detailed description of some interesting
statistics about OpenStack as well as some of OpenStack's latest feature.

OpenStack came a long way in these 5 years and is starting
to gain more and more attention as a solution to business needs.Last OpenStack summit in Vancouver there were
over 6,000 attendees.New features in
respond to the market needs were being added in a high pace.While OpenStack is feature rich and is
delivering these features in a fast pace with 2 releases per year, one question
there is always one question in mind -

“Is OpenStack enterprise ready?"

Essential "enterprise" features

I think the top 2 essential enterprise features are:

High Availability

Security

High Availability One
important aspect for enterprise is to sustain continuous business operation.To look at a product if it is enterprise
ready we must look at what level of HA it is able to deliver.Different business have different requirement
for the level of HA a product can provide. If we look at that OpenStack web
site, it stated that OpenStack is able to offer 99.99% of uptime for the
infrastructure. But if we read on, it stated that OpenStack does not guarantee
99.99% availability for individual guest instances.Well it does not mean that OpenStack is NOT
enterprise ready.At least the OpenStack
is guaranteed to have 99.99% of uptime.If this cannot be achieved, then we can forget about the 99.99% of the
individual guest instances.

Vendor specific build-in HA features

There are a few ways that we can take advantage of the existing and proven high availability feature provided by vendors such as:

Red Hat Enterprise Linux 7 - Pacemaker

Ubuntu 14.04 - High Availability Cluster solutions

SUSE Linux Enterprise High Availability

VMware vSphere infrastructure

Kubernetes Another development in OpenStack is project Magnum where OpenStack interacts with Kubernetes to orchestrate the deployment of groups of containers as a Pod and there is the replication controller in Kubernetes that user can defined the desired state of the Pod in such a way that if container dies, the Replication Controller is going to re-create the Pod defined by the user.

Another important aspect for enterprise is security. OpenStack has a project called Keystone that handles the security of the infrastructure. One feature for Keystone is that it can use Active Directory as a backend server and this allows OpenStack to use the existing and widely used Active Directory. This is helping OpenStack to be enterprise ready.Interaction within the various element of the OpenStack infrastructure is via RESTful API. Each entity will have to request a security token for each API call so that the target entity can validate if the initiator of the API call has the proper credential and privilege to request the operation.OpenStack has a dedicated security team to look at the security of the OpenStack infrastructure. Each commit to the OpenStack code base has a keyword SecurityImpact that the commiter can use to flag the security team to investigate if that particular commit has any security impact to OpenStack.With all these features in place, more and more companies are willing to deploy OpenStack in the production environment. This is a sample of companies that are deploying OpenStack in their production environment (just showing some examples and is not a complete list):

Within the last few days there are 2 new development that helped move OpenStack closer to be "enterprise" ready.

Google becoming a
sponsor to OpenStack Foundation

On July 16, Google announced that it is becoming a sponsor
to the OpenStack Foundation along with “big” companies such as IBM, Red Hat,
Ubuntu or VMware support this open source cloud infrastructure.I had a blog post on my reaction to Google’s
announcement.

The significant of Google sponsoring OpenStack Foundation is
twofold.The first one is that Google is
in a way endorsing this technology.The second
one is what its knowledge, expertise and experience on deploying container at
scale to make OpenStack able to deploy container as well as virtual machine in
it infrastructure.

OpenStack
Innovation Center

On July 23, there is another OpenStack announcement that is
worth looking into and I believe is as important as the Google
announcement. This important announcement is that Rackspace and Intel is collaborating to form an OpenStack Innovation Center. According to the press release the purpose of this OpenStack Innovation Center is to help accelerate the development of enterprise capabilities and thus driving the adoption of OpenStack in the enterprise production environment.The agreement between Rackspace and Intel includes:

OpenStack Innovation Center – The center will
create the world’s largest OpenStack development team. It will be
comprised of Rackspace and Intel engineers and will be located at
Rackspace’s corporate headquarters in San Antonio.

OpenStack Developer Training – Through this effort,
Rackspace and Intel will offer new modules of courseware designed to
onboard and increase the number of open source developers actively
contributing to the success of the community.

Joint OpenStack Engineering – Rackspace and Intel
will resource OpenStack development, working in collaboration with the
OpenStack Enterprise Work Group and community, targeting bug elimination
and the development of new enterprise features. The companies will
recruit new engineers to participate in OpenStack development.

Largest OpenStack Developer Cloud– Rackspace and
Intel will build and make available to the community two 1,000 node
clusters to support advanced, large-scale testing of OpenStack and new
features developed through the joint engineering work. The companies
anticipate having the clusters available for community use within the
next six months.

One good news for me as a software developer on this collaboration between Rackspace and Intel is that there will be a two 1,000-node OpenStack hybrid cloud clusters that will be made available to the OpenStack community to look a issues regarding scaling and performance.

What is next?
Wonder what is in the horizon for more enterprise features in OpenStack. I had a conversation with a person that is in the OpenStack community and he was saying that there will be a lot more exciting announcements in the upcoming OpenStack Tokyo summit and in the OpenStack Austin summit next year.

Reference:"Accelerating the Enterprise Features of OpenStack: Rackspace and Intel Form the OpenStack Innovation Center." Rackspace Hosting. N.p., n.d. Web. 25 July 2015.

Friday, July 24, 2015

We all
want to advance in our career or at least stay relevant so that we keep our
current job. Right after I graduated from college I wanted an office with this
view:

But now I want an office with a view like this - I wanted to work from home:

Depending on what our career goal is, we do different things to sharpen out technical skill so that we can be marketable and build for us a career.

What are you doing to build your career?

What is a job?
My idea of a job is that we are to solve problems. This view may be overly simplistic but is very accurate. Everyday whether you are working or not you are solving problems. The more difficult problem you can solve the better you got pay (well most of the time). A doctor is to solve the problem of the patient by providing medical advice or to prescribe medication. I cook for my kid and that is to solve their problem of being hungry.

In the technical world, we do different things to solve business problems so that your company can earn money. I am a software developer and I write software to provide feature for networking equipment so that my company can sell the equipment to other business entities to solve their networking problem in the course of making money.

While the ability to solve problem is important, it also has to be relevant. My boss is very nice and we have a good working relationship for many years. However, when I told my boss that I made VMware vExpert 2015, the response is "That is nice. Congrats". Why do I get this cold response from my boss? The reason is simple, by being a VMware vExpert is certainly a career achievement for me but the bottom line is that it will not solve my boss' problem at that time which is to lower the software bug report counts. My skill that I have acquired or achieved for VMware or OpenStack does not help my boss solve his problem.

What are soft skills?SearchCIO.com has a good article explaining what soft skills are in the context of the IT industry. Soft skill are the skill on how to communicate with others effectively. This is also labelled as people skill or interpersonal skill.

Soft skills are something that most of us do not consciously wanting to improves as with our hard skills. For the technical skill we will consciously take classes or to achieve industry recognized certifications such as CCIE, VCDX.

With soft skills, our ability to solve problems for our boss increases. What happen when developer A wanted to implement a traditional link list to solve this problem while developer B on the same team wanted to use the Red-Black tree to solve the same problem. Do we have the ability to resolve this conflict before the heated conversation goes to the boss' office?

Soft skills help us interact with our co-workers? Beside the technical skill, employers also look at a person's ability to interact with the existing team on a job opening that they are hiring.

Soft skills are an important aspect for our career!

What am I doing with polishing my soft skill?
I do not have a customer facing job but in the pass few years I got different opportunities to polish and to sharpen my soft skills.

Writing skill
By writing I do not mean only to be grammatically correct but to develop a unique writing style that can help capture readers. Can I make appropriate illustrations to help reader understand the content? Will the readers anticipate my next blog post to come?

Being an active blogger is a start. With this blog I am learning how to communicate with the reader to explain different concepts or new trends in the IT industry. I want to have the ability to write clearly and in a simple way to explain various security, network or cloud technologies. To me writing skill is a soft skill to me because I am a software developer. Now if I were a tech writer or a journalism then writing skill is a hard skill.

Smiling face
The second soft skill that I am developing is a genuine smiling face when interacting with others.

This may sound easy but for me I need lots of practice.

I practice this at local user group meetups and conferences. One thing nice for me is that I like beer (craft beer) and in the technical world drinking is part of the culture and I am able to strike conversation with stranger on the topic of beer. When meeting with others that I do not know very well, beside able to strike a conversation with some common topic to talk about, a smiling face can often make a big difference. You can see people will smile back and they will feel a lot more comfortable talking to me.

Have you ever felt lost in a big conference where lots of people are around you and yet you felt you are alone? A smiling face (genuine) is a good ice breaking tool.

Presentation skill
The third soft skill that I am sharpening is to give presentations. It started here. I still do not like public speaking but I enjoy sharing what I know with others. Presentation is NOT just tell others something. We need to engage with the audience and to catch their attentions so that the presentation material can be effectively transferred to them. Presentation is a 2 way street and the presenter needs to be sensitive to the audiences body language and to adjust the presentation accordingly. If the presentation is 1:30 in the afternoon, we need to understand that most audiences will be very sleepy after lunch. Able to tell some jokes will be useful to gather back the audience's attention. An effective presenter needs to listen (to the audience) also.

Different people told me that even I do not have a customer facing job, presentation skill is still important for me to develop. There are times that we need to present to the CEO our company.

After my first presentation at the Los Angeles VMUG, I sign up for other speaking opportunities. I sign up for Red Hat Summit, SCALEx13 (Southern California Linux Expo), Puppet Day, OpenStack summit and vBrownBag TechTalks.

In specific for the OpenStack Vancouver summit, I sign up because I wanted a free conference pass so I can attend the summit. As I have mentioned in this post, my current company that I am working for does not endorse nor sponsor my quest for a day job that is cloud computing related. I have to use my personal time and pay for all expenses myself. What I have found is that writing talk proposals for conferences is a skill that I need to work on. It is time for the OpenStack Tokyo summit and this time I submitted 2 talk proposals. I am a nobody in the OpenStack community and the chance for me to be selected to speak at the OpenStack summit is very very low. However, practice makes perfect and I am going to try and use this as my learning experiences. Just like asking for a girl for a date - if you do not ask she will not go out with you but if you ask, there is a chance.

A little self promotion:
Please consider voting for my 2 presentation proposals for the OpenStack Tokyo summit as this will push my presentation skill to a higher level and I believe these 2 talks are useful for the OpenStack community:

Saturday, July 18, 2015

On July 16, Google announced that it is becoming a sponsor to the OpenStack Foundation. This announcement immediately generated a lots of excitement and this news is all over the social media. Immediately lots of blogs and technical news outlets published articles on this announcement.My immediate reaction was this:

as I express myself on Twitter.

In this blog post, Product Manager of Google, Craig McLuckie stated that by becoming a sponsor to the OpenStack Foundation, Google is expected to bring valuable knowledge, expertise and deployment experience of container-oriented computing to OpenStack. The blog also stated that Google is seeing 2 emerging trends in the enterprise computing sector:

Moving toward the adoption of hybrid cloud (public and private)

Moving toward the adoption of container-based computing

Quote directly from the blog post:

"We (Google) will be working over the coming months with the (OpenStack) community to integrate Kubernetes, as well as complementary container technologies, to create a stronger hybrid cloud."

The excitement about Google sponsoring OpenStack Foundation is not just just another "big" company joining IBM to endorse the future of OpenStack but what Google can bring and to enhance what OpenStack can provide for its consumers. Google has been running containers for over 10 years. Google's various applications such as Gmail, web search or map services are running as containers. It is said on the internet that Google launch 2 billions containers in one week.

Why Linux Container?Linux Container is not a new technology and its origin can trace back to FreeBSD Jails in year 2000. Docker Inc, is the company behind the open source Docker platform. The Docker platform is an orchestration or packaging tool that allows application and their dependencies to run on container technology. Docker makes it easy for developer and sys admin to deploy applications with container technology.

The advantage of Linux container is light weight and fast provision as compare to a virtual machine. It is also portable

Linux containers is just perfect for DevOps as well as Micro-services architecture.

Linux Container is part of the equation along with DevOps and Micro-services to answer the modern day business requirement – agility. In other words the ability to react to the change of the business environment fast or faster than the competitor.Both DevOps and Micro-services are big topics that will take up an entire blog post to talk about.

In a nutshell, DevOps is not a technology but a culture and a form of application deployment methodology. It relies on the continuous feedback model from operation to development so that applications can be deployed in a faster manner.

Micro-services is the new and popular way of deploying applications. Application used to be one monolithic process and is not as agile. Micro-services breaks the application into smaller processes running together.

DevOps, Linux container and micro-services architecture fits right into each other because they share one common characteristic and that is to break one complex problem into smaller problems which can be resolved easier and faster.

Linux containers are gaining traction in the enterprise IT environment. In my other blog post, I talked about VMware embracing Docker with Project Bonneville making Docker to run just like a virtual machine in vSphere so that Docker container can take advantage of the matured high availability, security and networking infrastructure that VMware had developed.

Microsoft is also embracing Docker in its public cloud Azure.

We can see that container is an emerging technology integrating with various enterprise ready technologies independently providing features for consumer of the IT infrastructure or cloud.

What is Kubernetes?

Kubernetes is developed by Google to manage containers in a clustered environment. Google makes Kubernetes open source and can be found on GitHub here.

The beauty of open source project is that there is always description of the project. The description of Kubernetes on GitHub is:

"Kubernetes is an open source system for managing containerized applications across multiple hosts,
providing basic mechanisms for deployment, maintenance, and scaling of applications."

An interesting point to note is that Kubernetes is still considered as pre-production beta status and heavy development is still being done. (Well GitHub said it is in pre-production beta but on July 21 at oscon, Kubernetes 1.0 is released. Release 1.0 and above is usually production ready).Kubernetes works off the following concepts:

I will write up a more detailed blog post on Kubernetes later. If you cannot wait, take a look at here.

Project MagnumBefore the July 16 Google announcement, OpenStack already has an ongoing project called Magnum - Containers as a Service.

Project Magnum allows containers be deployed in an OpenStack infrastructure as easy as a virtual machine but in the fashion that container should be deployed. This opens up a lot more business use case on DevOps and Micro-services for OpenStack.

In Nova, Docker is considered as one of the supported hypervisor type. The main difference for Magnum over Nova is that Magnum uses container orchestration tool to deploy containers at scale and in a rapid manner. Deployment characteristic of a container is different than a virtual machine such that container come and go more frequently and containers usually are deployed in group as a cluster and sometimes across multiple hosts. These containers in the cluster needs interact with each other when they operate together to offer the service of one application to the user as in the Micro-service architecture.

There is not much description about the Magnum on GitHub. Better description can be found on OpenStack wiki page for Magnum The OpenStack Magnum wiki page even has a 5 minute video on how Magnum works. This project on OpenStack wiki is described as:

"OpenStack API service making container orchestration engines such as Docker Swarm and Kubernetes available as first class resources in OpenStack"

The main idea is to take advantage of the existing Docker orchestration engine and make it work on an OpenStack infrastructure. I will write another blog post to describe Magnum in more detail. For now we will look at Magnum at a very high level. As a preview, the architecture of Magnum looks like this:

What is ahead of us?
I see that Project Magnum is the reaction to the modern day business requirement and now with Google being able to inject its valuable knowledge, expertise and deployment experiences to the project, Linux container deployment at scale in OpenStack will become mature in due time. It will also integrate better with the other OpenStack projects such as Swift, Keystone or Neutron that more business use cases can be supported.

Google has over 15 years of deploying application at large scale and will certainly able to bring its experience and expertise to the Magnum project.

The most important question is how fast and what features Project Magnum can produce in a timely manner meaning if the market is ready to embrace what is offered. Sometimes the technology is way more advanced than what the market is ready for. I see in the 2000, there is a start-up already trying to offer SDN but at that time the market is not ready for it and that start-up closed down due to lack of funding around 2003.